﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.Mvc;
using SnippetBox.Core.Data.Models;

namespace SnippetBox.Core.Infrastructure.Security {
    public class AllowedToCreateSnippetAttribute : AuthorizeAttribute {
        protected override bool AuthorizeCore(HttpContextBase httpContext) {
            var authorized = base.AuthorizeCore(httpContext);
            if (authorized && (httpContext.User as User).Role == Role.Member) {
                return Settings.Current.Permissions.AllowMembersToCreateSnippets;
            }
            return authorized;
        }
    }
}
